Wi-Fi fraud hard to detect

2 major scams, the Evil Twin and the Man in the Middle, are reported to be under way

Plugged In

May 24, 2007|By Andrew D. Smith | Andrew D. Smith,The Dallas Morning News

DALLAS -- Open your laptop computer in any airport, hotel or coffee shop, and you'll often find unsecured Wi-Fi networks available for free browsing.

Although these innocent-sounding offerings - Anytown Municipal Wi-Fi, Karen's Home Router - generally offer safe harbor, they sometimes serve as bait for hackers, identity thieves and other bad guys.

Neither the FBI nor anyone else can quantify Wi-Fi fraud. Thieves rarely get caught. Victims seldom know enough to report the crime. But with suspicious networks everywhere and wireless security much in the news, security experts advise caution.

"You got two major scams, the Evil Twin and the Man in the Middle," said Dennis Tsu, vice president of marketing for AirTight Networks Inc. in Mountain View, Calif.

"An Evil Twin looks like a legitimate hot spot but isn't. Man in the Middle routes you to a legitimate hot spot by way of a thief's computer. Either way, the bad guys see whatever you type in and whatever you have in your shared files."

In a couple of short trips around Dallas recently, this reporter's laptop picked up unidentified networks in a coffee bar, a library, an apartment complex and Dallas/Fort Worth International Airport.

A slow drive down the streets of Uptown turned up a couple of dozen open Internet connections, just beckoning passers-by to check their e-mail accounts.

Most of these networks probably hid nothing more sinister than carelessly unsecured home routers. Probably.

Many apartment dwellers expect to mooch off their neighbors' open networks. Customers expect Wi-Fi in coffee bars, libraries and airports. When people find connections in such locations, they generally trust them.

Even seasoned users who subscribe to commercial networks can fall victim to copycat fakes.

Fortunately, phony hot spots only intercept what users send and receive via the Internet. They don't give hackers a window into the entire computer.

Still, even people who don't use their credit cards or check financial accounts via wireless connections can get themselves into trouble. Many divulge their bank accounts by checking e-mail accounts with the same password. Even if the passwords are different, many e-mail accounts contain some very revealing messages.

"It's not even difficult. A lot of computers are set up so they will automatically connect to any available network, without ever asking users if they want to connect," said Amit Sinha, chief technology officer at AirDefense Inc., of Alpharetta, Ga.

"Even if you've set up your computer so that it only connects to trusted networks, there are programs like Karma, which lets hackers discover a network your computer trusts and mimic it. And these programs are freely available for sale, over the Internet, to anyone who wants to be a hacker."

For all the apparent ease of Wi-Fi fraud, specific crimes rarely make the news. Best Buy and Lowe's both got caught up in much-publicized scams several years back, and TJX, the parent company of Marshalls, T.J. Maxx and several other retailers, is taking heat for lax wireless security that exposed at least 47.5 million credit-card numbers and possibly several times that.

The scarcity of such news may indicate that Wi-Fi fraud has yet to grow from a potential problem to an active one, or it may simply indicate how hard it is to detect and capture perpetrators. Officials in obvious danger zones hope no news is good news, but they say they remain vigilant.

"We keep a close watch for problems, but so far we haven't seen bad networks or gotten reports from travelers," said Brian Murnahan, a spokesman for Dallas/Fort Worth.

"You may see several networks when you open up your computer in one of our terminals and think that's suspicious because there's only one public network here. You have to remember, though, that there are private networks, too. The airport maintains one for employees, and many of the airlines operate their own localized networks."

T-Mobile USA, the company that provides the public wireless networks at the airport and Starbucks, declined to comment about any specific behavior it has observed in the Dallas area, but the firm did e-mail a report on security precautions.

"The T-Mobile Hotspot Connection Manager prevents you from authenticating the wrong network or encountering an Evil Twin scenario," the document asserts. Companies such as AirTight and AirDefense also say they can protect computer users with their software.

Security experts believe they're slowly gaining ground on wireless hackers with safer operating systems, better encryption and software that can sniff out scams. This security software may eventually come standard with most computers, but users will still have to take precautions.

Baltimore Sun Articles
|
|
|
Please note the green-lined linked article text has been applied commercially without any involvement from our newsroom editors, reporters or any other editorial staff.